Apple

Zero Day Initiative CVE Apple Mar 10

ZDI-26-173: Apple macOS Audio APAC Frame Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this v...

T1190 1 IOC

Zero Day Initiative →

Infosecurity Magazine Vulnerability Disclosure Apple Mar 5

Coruna Exploit Kit Targets Older iPhones in Multi-Stage Campaigns

Exploit kit "Coruna" targets iPhones running iOS 13.0 to 17.

T1041 T1588

Infosecurity Magazine →

Infosecurity Magazine General Apple Feb 17

Apple Expands RCS Encryption and Memory Protections in iOS 26.4

iOS 26.

Infosecurity Magazine →

Zero Day Initiative CVE Apple Feb 12

ZDI-26-073: Nagios Host zabbixagent_configwizard_func Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vul...

T1190 T1059 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Apple Feb 12

ZDI-26-072: Nagios Host esensors_websensor_configwizard_func Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vul...

T1190 T1059 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Apple Feb 12

ZDI-26-071: Nagios Host monitoringwizard Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vul...

T1190 T1059 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Apple Oracle Feb 3

ZDI-26-057: Apple Safari JavaScriptCore FTL New Array Materialization Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this ...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Apple Intel Feb 3

ZDI-26-056: Apple macOS AppleIntelKBLGraphics Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the abili...

1 IOC

Zero Day Initiative →

Google Project Zero CVE Apple Jan 30

Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529

In the first part of this series, I detailed my journey into macOS security research, which led to the discovery of a type confusion vulnerability (CVE-2024-...

2 IOCs

Google Project Zero →

WeLiveSecurity General Apple Jan 22

Common Apple Pay scams, and how to stay safe

Here’s how the most common scams targeting Apple Pay users work and what you can do to stay one step ahead

WeLiveSecurity →

Exploit Database Vulnerability Disclosure Apple Dec 3

[webapps] RosarioSIS 6.7.2 - Cross Site Scripting (XSS)

RosarioSIS 6.7.

Exploit Database →

Exploit Database Vulnerability Disclosure Apple Dec 3

[webapps] RosarioSIS 6.7.2 - Cross-Site Scripting (XSS)

RosarioSIS 6.7.

Exploit Database →

WeLiveSecurity General Apple Oct 9

How Uber seems to know where you are – even with restricted location permissions

Is the ride-hailing app secretly tracking you? Not really, but this iOS feature may make it feel that way.

WeLiveSecurity →